Audit Log Feed in MDM

Keeping a record of all the different activities that take place on an MDM server/web console, can be quite demanding for IT admins. Right from onboarding devices, to provisioning them with the right policies, apps, content and restrictions, there's a whole lot of crucial activities which need to be tracked. Executing each of these features is considered as an 'action' on the MDM console.

To make sure that there is a consolidated view of all the actions taking place on the Mobile Device Manager Plus console, an 'Audit Log Feed' box is available on the Home Tab. This gives IT admins a quick list of everything important that they need to be notified about.

1. The most recent set of actions are displayed, but to view the history of all activities, click on the '>>More' button.
2. Here, you can filter out events based on certain pre-defined criteria provided by MDM. This includes the following criteria:
   • Date Range
   • Modules
   • User(s)
3. Configure the audit log settings based on your organization's requirements, and then click on 'Show'.
4. Let's say you want to take a look at all the Security Commands executed over the past week. Choose '1 week' in the 'Within Date Range' field, tick the 'Security Commands' module, choose the User (Admin) from the dropdown and click on 'Show'.

Similarly, the history of all events can be viewed here:

Modules in MDM

The following are modules based on which actions are categorized into:

• Enrollment
• Profile Management
• App Management
• Inventory
• Security Commands
• Migration Settings
• MDM Group
• Conditional Exchange Access(CEA)
• Office 365 MAM policy
• Content Management
• OS Update Management
• Mac security details
• Geo-fencing
• Announcement
• Certificates
• Privacy Consent
• Remote Control
• Azure Conditional Access(ACA)
• Database Backup
• General
• Remote DB Access
• Security Settings
• User Management

1. Based on the remarks displayed in the Audit Log viewer, admins can take the necessary precautions and remedial measures to protect corporate data on mobile devices.
2. The exact Event Time ensures that you never miss an important activity on the MDM console.
3. You can also choose how long you want the audits to remain in the MDM server. Click on the 'Edit Audit Log Settings' option and enter the number of days for which alerts history should be maintained. Click 'Apply' to save the settings.

Points to note

• For feature-wise or security based Reports, you can use the Pre-defined, Scheduled or Custom Query Reports.
• The 'Action Log Viewer' differs from the Actions which can be executed on devices from the Inventory Tab. The Action Log Viewer is a curated list of all recent and past tasks done on devices from the MDM server. On the other hand, the 'Actions' dropdown is a list of remedial security commands that can be taken on devices in cases of emergencies or maintenance routines.
• In addition to maintaining the MDM activities, even login details will be available on the Audit Log Feed. This is to keep admins/technicians aware of who is accessing the console, their role, and the IP address as well.
• You can create a user account for external/ internal auditors with auditor privilege.

Know More

• You can scan devices and collect device information like storage, network, OS, battery details, etc. Scanning devices also establishes contact between the MDM server and the mobile device(s). Systematic and regular scans are mandatory for MDM to maintain updated device information and device activities.
• Learn how MDM effectively handles PII by ensuring user privacy and corporate security.
• Understand MDM On-premises and MDM Cloud Architecture.